Welcome back my aspiring cyber warriors!
Now that you have mastered the Basics of Linux, let's begin looking at some of the more esoteric but equally powerful Linux commands for the hacker.One of those key commands is curl or client URL. This command enables the Linux user to send and receive to a specified URL, among other things. This can be especially useful in downloading web site source code for analysis in your lab.
Step #1: curl help
Let's begin by looking at the curl help screen.
kali > curl -h
To see a more complete help screen, you can enter curl --help all.
In it's simplest form, curl simply targets a URL and then downloads its contents and displays it to your screen (standard output). Let's see what it can do when we use https://hackers-arise.com as our target.
kali > curl https://hackers-arise.com
As you can see, nothing happened. This is because the default settings in curl do not allow for a re-direct. Apparently, hackers-arise.com has a re-direct, so curl simply executes without downloading any data. We can enable re-directs in curl by using curl with the -L switch.
Let's try it again with the -L switch and see whether we get any output.
kali > curl -L https://hackers-arise.com
As you can see below, curl gathered all the source code from the URL and displays it to my screen (stdout).
This output is not very convenient for analysis. It would be much better and easier to work with to have the output sent to a text file. Let's try sending the output from this website to a file.
To do so, we use the -o switch followed by the file name where we want the code stored. In this case, I entered;
kali > curl -L -o hackers_website.html https://hackers-arise.com
This time, curl displays a table and progress bar as it downloads the contents of the page. Now when we open that file with the more command, we can see the contents of that page.
kali > more hackers_website.html
Step #3: Using curl Anonymously
In some cases, we may want to gather data or source code anonymously. In that case, we can use a proxy in our curl command to send the command through a specified proxy such as:
kali > curl -x <proxy IP>:<proxy port> <target URL>
To access hackers-arise.com source code anonymously from a proxy at 45.169.148.11 using port 999, we can simply enter;
kali > curl -x 45.169.148.11:999 -L https://hackers-arise.com
Step #4: Using curl to Send Data
In addition to pulling data from URL's, curl can also push data to URL's. For instance, the website textbelt.com allows you to send data to their service in order to send fake SMS messages. In this case, we can use curl to send both the phone number and the message to their site and they will send the fake text message to the target such as;
kali > sudo curl -X POST https://textbelt.com/text --data-urlencode phone='12152749318' --data-urlencode message='Hurry to St. Thomas Hospital! Your wife has been in a terrible accident!' -d key=<API key>
For more on sending fake SMS messages, go to How To Create a Fake SMS.
Summary
curl is one of those commands in Linux that is often overlooked by beginners but can be a powerful tool in the hands of an experienced Linux user. Is is capable of both sending and receiving data across the Internet and a few minutes invested in learning it subtleties will pay big dividends. Probably it widest use among hackers is downloading source code from web sites for analysis.